# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: water kappa # Reference: https://documents.trendmicro.com/assets/pdf/Tech%20Brief_Operation%20Overtrap%20Targets%20Japanese%20Online%20Banking%20Users.pdf # Reference: https://otx.alienvault.com/pulse/5e68f7e638d16c09fa844701 bank-japanposst.jp bank-japanpost.com bank-japanpostjp.com bank-japanpostpo.jp japanp0st.jp jp-bamk.jp jp-bank-japanossts.jp safetb-amazon.jp safety-amazon.jp security-amazon.jp ts3cardd.com # Reference: https://www.trendmicro.com/en_us/research/21/h/cinobi-banking-trojan-targets-users-of-cryptocurrency-exchanges-.html (# water kappa) # Reference: https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/h/cinobi-banking-trojan-targets-users-of-cryptocurrency-exchanges-with-new-malvertising-campaign/IOCs-Cinobi%20Banking%20Trojan%20Targets%20Cryptocurrency%20Exchange%20Users%20via%20Malvertising.txt chirigame.com getkiplayer.com magicalgirlonlive.com supapureigemu.com 5lmt6t4kaymuwvm5.onion a7q5adiilsjkujxk.onion